Presentation is loading. Please wait.

Presentation is loading. Please wait.

A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD

Published byTodd Singleton Modified over 9 years ago

Similar presentations

Presentation on theme: "A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD"— Presentation transcript:

1 A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD
Guided By: Prof. S. Jain PRESENTED BY Dhanshri Agashe

2 CONTENTS INTRODUCTION MOTIVATION LITERATURE SURVEY METHODOLOGY ISSUES
ADVANTAGES OF GRAPHICAL PASSWORDS. APPLICATIONS CONCLUSION FUTURE SCOPE REFERENCES

3 INTRODUCTION Graphical user authentication(GUA) system requires a user to select a memorable image. Digital watermarking is the process of embedding information into a digital signal. The purpose of digital watermarking is to provide copyright protection. By using Cued click points users click on one point per image for a sequence of images. Performance was very good in terms of speed, accuracy, and number of errors.

4 INTRODUCTION Users preferred CCP to saying that selecting and remembering only one point per image was easier. Seeing each image triggered their memory of where the corresponding point was located. Cued click points provides greater security as the number of images increases the workload for attackers.

5 Watermark What ? The term watermark is derived from the German term “Wessmark” The basic idea of watermark is to embed some information in digital images so that it can not be miss used or owned by others. Image without watermark Watermarked image

6 Picture Password Authentication Using cued click points
MODULES USER REGISTRATION PROCESS PICTURE SELECTION PROCESS LOGIN PROCESS SYSTEM FINAL REGISTRATION PROCESS

7 MOTIVATION There is a good security when using the text-based strong password schemes but often memorizing the password. An alternative solution to the text-based authentication which is the GUA or simply Graphical Password . However, one big issue that is plaguing GUA is shoulder surfing attack that can capture the users mouse clicks and image gallery.

8 LITERATURE SURVEY Sr. No. Paper Name Author Year Conclusion 1
Graphical User Authentication A.H. Lashkari IEEE 2011 Resistance to common attacks of graphical password algorithms. 2 Persuasive cued click points Stobert. E 2012 Influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more difficult to guess, click-points.

9 LITERATURE SURVEY If attacker want to attack to the image gallery as we hide the copyright protection information in all images of the system. In proposed algorithm all images has copyright information and is difficult to change the image of gallery. Focus on attacks of graphical password algorithms and evaluate recognition based algorithms.

10 METHODOLOGY PROPOSED GRAPHICAL PASSWORD ALGORITHM A denotes the user A
ID denotes the user identity of user A S denotes the server side operation C denotes the Client side operation UAI denotes User added some image for his/her password UI denotes the image(s) that user added to the system Ini denotes the image number of user’s password DI denotes set of the decoy images

11 continue RCS denotes the random character set generated for each image in login page DQ() denotes the data query from database DW()denotes the write the data pack in the database IMX()denotes matrix of images || denotes the concatenation process WCP() denotes the Copyright Protection technique of Watermarking CWCP() denotes the checking process for copy right protection of watermarking

12 continue The workflow of registration phase is as below:
Step1. C: (A, ID) S [User A sends his ID to the server for login page] Step2. S: DQ (ID)[in the server side the user’s information will find from data base] Step3. S: IMX (DI, INi) C [Server generate a from the decoy images and user’s password images and sent to the client side] Step4. C: CWCP (IMX (Di,INi)) [the algorithm check the copyright protection in them image matrix]

13 continue Step5: C: INi [user selects his/her password images by write the related characters and algorithm fin the related ID regarding to the users entered characters as INi] Step6. C: ID || INi [in the client side the ID of user and selected images INi will concatenate and make the data pack] Step7. C: ID|| INi S [Client send the generated data pack to the server] Step8. S: Success/Reject  C[check the data pack and if the pack is true reply successfully to the client side and If data pack is not true then reject the user in login phase.

14 Graphical Password-what a concept!
Here you pick several icons to represent the password. Then when you want to authenticate it, a screen is drawn as a challenge to which you must respond. The screen has numerous icons, at some of which are your private password icons. You must locate your icons visually on the screen and click on the screen to the password.

15 The survey : Two categories
Recognition Based Techniques a user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage. Recall Based Techniques A user is asked to reproduce something that he created or selected earlier during the registration stage.

16 Phases of Algorithm Login phase Registration phase

17 Click point’s as password
1st click 2nd click 3rd click 4th click 5th click … Click point

18 DATABASE Last picture System gives 3 chances to
First picture stored in database during registration Last picture Correct click point Gives the next image Correct username DATABASE System gives 3 chances to The user for incorrect password Verification of click point Database contains saved pictures and points. If the user exists 3 chances then the password system displays another picture which will be unrelated to the picture selected by the user during password creation

19 COMPARISION BETWEEN ALPHA-NUMERIC & GRAPHICAL PASSWORDS:
Commonly used guidelines for alpha-numeric passwords are: The password should be at least 8 characters long. The password should not be easy to relate to the user (e.g., last name, birth date). Ideally, the user should combine upper and lower case letters and digits and special characters. Graphical passwords The password consists of some actions that the user performs on an image. Such passwords are easier to remember & hard to guess.

20 APPLICATION OF THE PICTURE PASSWORD SYSTEM
SYSTEM LOG IN AND LOG OUT PROCESS FOLDER LOCKING WEB LOG-IN APLLICATION

21 ADVATAGES OF GRAPHICAL PASSWORDS
Graphical password schemes provide a way of making more human-friendly passwords . Here the security of the system is very high. Here we use a series of selectable images on successive screen pages. Dictionary attacks are infeasible.

22 SOLUTION TO SHOULDER SURFING PROBLEM
(1) TRIANGLE SCHEME

23 FUTURE SCOPE Shoulder surfing means watching over people's shoulders as they process information. Examples include observing the keyboard as a person types his or her password, enters a PIN number, or views personal information. Because of their graphic nature, nearly all graphical password schemes are quite vulnerable to shoulder surfing. It can be overwhelming by triangle scheme in further approach

24 CONCLUSION Brute Force Search
More difficult to break the graphical passwords from traditional attack methods: Brute Force Search Dictionary Attack Or Spyware By implementing other special geometric configurations like triangle & movable frame ,one can achieve more security especially shoulder surfing and physical attacks.

25 REFERENCES A.H. Lashkari, F.T., Graphical User Authentication (GUA).
2010: Lambert Academic Publisher. Komanduri, S. and D.R. Hutchings, Order and Entropy in Picture Passwords, in Canadian Information Processing Society Hu , W., X. Wu, and G. Wei, The Security Analysis of Graphical Passwords, in International Conference on Communications and Intelligence Information Security

26 THANK YOU.. ANY QURIES?

Download ppt "A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD"

Similar presentations

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Electronic Timesheet User Manual

Electronic Timesheet User Manual
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Duress Detection for Authentication Attacks Against Multiple Administrators Emil Stefanov UC Berkeley Mikhail Atallah Purdue University.

Duress Detection for Authentication Attacks Against Multiple Administrators Emil Stefanov UC Berkeley Mikhail Atallah Purdue University.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
3d ..

3d ..
3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.

3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.
Pennsylvania’s Protection From Abuse Database

Pennsylvania’s Protection From Abuse Database
Usable Privacy and Security Carnegie Mellon University Spring 2007 Cranor/Hong 1 Authentication and access control.

Usable Privacy and Security Carnegie Mellon University Spring 2007 Cranor/Hong 1 Authentication and access control.
ACADEMIC COMPUTING ESSENTIALS For SCCC students. Login instructions for My SCCC Student Portal using Banner For access to: Class schedule, SAIN report,

ACADEMIC COMPUTING ESSENTIALS For SCCC students. Login instructions for My SCCC Student Portal using Banner For access to: Class schedule, SAIN report,
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.

Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.
CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.
Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.
1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.

1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.
Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:

Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:

Similar presentations

Ads by Google